ce8f2a1f7c96ba4d595c1c1b78f4a0bfc4d5e5af7a00bee88ebca36a5d3caf1f | Triage

Submit
Reports

Overview

overview

Static

static

ce8f2a1f7c...1f.exe

windows7-x64

ce8f2a1f7c...1f.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

ce8f2a1f7c96ba4d595c1c1b78f4a0bfc4d5e5af7a00bee88ebca36a5d3caf1f.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

ce8f2a1f7c96ba4d595c1c1b78f4a0bfc4d5e5af7a00bee88ebca36a5d3caf1f.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

ce8f2a1f7c96ba4d595c1c1b78f4a0bfc4d5e5af7a00bee88ebca36a5d3caf1f
Size

382KB
MD5

68fbed7b6c37521b033cafb50b987010
SHA1

87f56e06e48784c20c15545684843160b084d58c
SHA256

ce8f2a1f7c96ba4d595c1c1b78f4a0bfc4d5e5af7a00bee88ebca36a5d3caf1f
SHA512

ac58e4fcd5cc9384b6189fd12b52134a825ef0ccc5996379d8c6ac1c2442ddba19a0a7a7272cde36f30cf9f2b7848dea97404614db9a6f1e757150db25e01b57
SSDEEP

6144:zjnxZKo1RMCN/X5g4tYjGsJEvKt0J+LI88uGcSGBb9P1EAiW1TxubN3GfzY0i/93:fnPZRMoPznbpsIM3ziW1TxubN3yclcIF

Score

N/A

Malware Config

Signatures

Files

ce8f2a1f7c96ba4d595c1c1b78f4a0bfc4d5e5af7a00bee88ebca36a5d3caf1f
.exe windows x86

7b3129004a74846a5315eff6603ad5bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetSystemInfo
CreateMutexW
FreeConsole
ResetEvent
WriteFile
GetEnvironmentVariableA
CreateEventW
ReleaseMutex
SuspendThread
GetCommandLineW
VirtualAllocEx
GetStdHandle
LoadLibraryW
InterlockedExchange
GetPrivateProfileIntW
lstrlenA
LocalFree
LocalSize
GlobalFree

advapi32

CloseEventLog
RegQueryValueW
ControlService
ClearEventLogW
IsValidSid
RegCloseKey
IsTextUnicode
IsValidSecurityDescriptor
InitializeSid
RegDeleteValueA
RegCreateKeyExW
RegEnumKeyW
CreateServiceA

dssec

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

hdwwiz.cpl

InstallNewDevice

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 370KB - Virtual size: 370KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy